Building a Mock Registration MDS for your 1.2.0.x MOSIP Setup

Pre-requisites

  • MOSIP 1.2.0.x setup with the Partner Management Portal deployed

  • The CA certificate utility to create the device partner certificates

The CA_CERT_UTILITY is a certificate creation utility: a set of shell scripts whose commands run sequentially to generate valid certificates. On Linux machines running the script is easy, but Windows machines need either Git or the OpenSSL application installed.

Steps

Please update all the URLs as per your environment

Step 1: Create a “Device Partner” using the Partner Management Portal
https://pmp.dev.mosip.net/

The “Organization Name” is also required while creating the partner certificate, so take care to provide the same Organization Name when creating the partner and when creating the certificates.

Step 2: Create Mock CA, Sub CA and Partner Certificates using the CA Certificate Utility

  • Run “create-certs.sh”

  • Sequentially create the certificates for CA, SUBCA and Partner (also known as client)

Create a CA using the CA Certificate Utility

Step 3: After the completion of the above steps, the certificates are created in the same folder. The required certificate sheets are highlighted below.

Step 4: Steps to upload the above certificates in MOSIP.

  1. Rename the below certificates

    1. RootCA.crt → RootCA.cer

    2. InternmediateCA.crt → InternmediateCA.cer

    3. Client.crt → Client.cer

  2. Log in to the partner management portal using the role “PARTNER_ADMIN” and navigate to “Upload CA Certificate”

  3. Upload the RootCA.cer

  4. Upload the InternmediateCA.cer

  5. Login to the partner management portal using the credentials of the “Device Partner” created in Step 1 and upload the Client.cer in the Upload Certificate option

Step 5: Add the MOSIP signed certificate to the CA Cert Utility folder

  1. Copy the text shown when you click on “View Certificate”

  2. Open a new Notepad++ file and paste the data

  3. Find all blank spaces and replace them with \n, with the search mode set to “Regular Expression”, to make it a “crt” file

  4. Name the file “mosip-signed.crt” and save it in the same directory as CA Cert Utility
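
The reformatting in Step 5, done programmatically, as an added example (not part of the original guide or of MOSIP's tooling): the BEGIN/END marker lines themselves contain a space, so the function rebuilds them intact even when a blanket space-to-newline replace has already split them, and it checks that the body decodes as base64 before anything is written. The function name, the script and input file names, and the sample data are assumptions made for illustration.

```python
import base64
import re
import sys

# Tolerates markers whose inner space was lost to a blanket space -> newline replace.
PEM_RE = re.compile(
    r"-----BEGIN\s+CERTIFICATE-----(?P<body>.*?)-----END\s+CERTIFICATE-----",
    re.DOTALL,
)


def normalize_pem_certificate(text: str) -> str:
    """Rebuild a well-formed PEM certificate from text whose line breaks were lost."""
    match = PEM_RE.search(text)
    if match is None:
        raise ValueError("no BEGIN/END CERTIFICATE markers found")
    # Base64 contains no whitespace, so every space, tab, CR and LF can be dropped.
    body = re.sub(r"\s+", "", match.group("body"))
    try:
        der = base64.b64decode(body, validate=True)
    except ValueError as exc:  # binascii.Error is a subclass of ValueError
        raise ValueError(f"certificate body is not valid base64: {exc}") from exc
    # A certificate is a DER SEQUENCE, so the decoded data must start with 0x30.
    if der[:1] != b"\x30":
        raise ValueError("decoded body does not start with a DER SEQUENCE tag")
    # PEM convention: base64 body wrapped at 64 characters per line.
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    return "\n".join(
        ["-----BEGIN CERTIFICATE-----", *lines, "-----END CERTIFICATE-----"]
    ) + "\n"


# Constructed sample, not a real certificate: a DER SEQUENCE header plus filler bytes.
SAMPLE_DER = b"\x30\x81\xc8" + bytes(range(200))
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode("ascii")
# The same data as it looks when every line break has been turned into a space.
SAMPLE_PASTED = "-----BEGIN CERTIFICATE----- " + " ".join(
    SAMPLE_B64[i:i + 64] for i in range(0, len(SAMPLE_B64), 64)
) + " -----END CERTIFICATE-----"

if __name__ == "__main__":
    if len(sys.argv) == 3:
        # Hypothetical usage: python fix_pem.py pasted.txt mosip-signed.crt
        with open(sys.argv[1], encoding="utf-8") as src:
            fixed = normalize_pem_certificate(src.read())
        with open(sys.argv[2], "w", encoding="ascii", newline="\n") as dst:
            dst.write(fixed)
    else:
        print(normalize_pem_certificate(SAMPLE_PASTED), end="")
```

The check only confirms the file is structurally a PEM certificate; whether it is the expected MOSIP-signed certificate still has to be confirmed by inspecting it, for example with `openssl x509 -in mosip-signed.crt -noout -subject -issuer`.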

Step 6: Generate Device.p12 file

Run “create-device-keystore.sh” and enter values as below,

 

On Windows, create-device-keystore.sh may not work. You will need OpenSSL or Git installed to run this script. The steps to install OpenSSL and run the create-device-keystore.sh commands on Windows are:

  1. Install OpenSSL 1.1.1 (64-bit)

  2. Browse to the installation directory

  3. Click on Win64 OpenSSL Command Prompt, run as Administrator

  4. Open “create-device-keystore.sh” in a text editor

  5. Copy and paste the commands line by line into the OpenSSL command prompt

    1. cd <path to CA_CERT_UTILITY>

    2. openssl genrsa -out Device.key 4096

    3. openssl req -new -key Device.key -out Device.csr

    4. openssl x509 -req -extensions usr_cert -extfile D:\MOSIP\Reference\CA_CERT_UTILITY\openssl.cnf -days 365 -in Device.csr -CA D:\MOSIP\Reference\CA_CERT_UTILITY\mosip-signed.crt -CAkey D:\MOSIP\Reference\CA_CERT_UTILITY\Client.key -set_serial 05 -out signed-Device.crt

    5. openssl pkcs12 -export -in signed-Device.crt -inkey Device.key -out Device.p12 -name "Device"

  6. Once all certificates are created, you will find the list of files below in the same directory

Step 7: Setting up the Mock Registration MDS

  1. Download the latest mock MDS .zip from the URL: https://github.com/mosip/mosip-mock-services/tree/master

  2. Place the device certificates created in the certificate paths as highlighted below in the mock MDS:

  3. Modify the “application.properties” file as below after the certificates are placed.

  4. Make the below changes in the “application.properties” file.

  5. Build the MDS in the command prompt in the same directory where the pom file exists
    run “mvn clean install”